One Statement Policies
CA Distribution download
Find your local CA
About your certificate
Tools download and fetch-crl
IGTF OID Registry
Abingdon, UK, May 21-22, 2024
Copenhagen, DK, January 29, 2024
adjecent to TIIME Unconference
Intranet and Reviews
IGTF Guidelines for Secure Operation of Attribute Authorities and issuers of statements for entities
These guidelines describe the minimum requirements and recommendations for
the secure operation of attribute authorities and similar services that make
statements about an entity based on well-defined attributes. Adherence to these
guidelines may help to establish trust between communities, operators of
attribute authorities and issuers, and Relying Parties, infrastructures, and
service providers. This document does not define an accreditation process.
- Guidelines for Secure Operation of Attribute Authorities and issuers of statements for entities (2022) (AARC-G071)
Status: Endorsed by IGTF, endorsed by AEGIS (April 11, 2022)
Formats available: OfficeXML docx, Adobe PDF
Guideline AARC-G071 (previously also known as G048 revision 2) evolved and clarifies the scope of the guidance for Attribute Authority operators. Specifically, we realise that the AAOPS guidelines are applicable not only ot the membership management services, but are equally relevant for the other proxy components. In the revision process, we look at generalising the guidance so that attribute-specific elements are removed and more flexibility is added to cater do the various proxy delivery models (as-a-service, bespoke, multi-tenant, and on-prem).
Review process information: AARC Wiki.
- AAOPS (AARC-G071) Self-assessment supporting information
In support of the self-assessment and peer review process, an assessment sheet is provided in collaboration with the infrastructure proxies that participated in the first self-assessment: WLCG (CERN), UK-IRIS (STFC), and eduTEAMS (GEANT).
Copy or download the self-assessment sheet or provide feed-back through comments.